Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
28/06/2024, 05:14
Behavioral task
behavioral1
Sample
18e7f6108c33729fd541dbb74e0e8307_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
18e7f6108c33729fd541dbb74e0e8307_JaffaCakes118.pdf
Resource
win10v2004-20240611-en
General
-
Target
18e7f6108c33729fd541dbb74e0e8307_JaffaCakes118.pdf
-
Size
91KB
-
MD5
18e7f6108c33729fd541dbb74e0e8307
-
SHA1
892eafc5abc2dd4a5d89d6cb081ad2912e5c2061
-
SHA256
ef690d84077295c65ee9343b424551556e26fdbd94ac94ef201d5e1e6e9af749
-
SHA512
e19e70049b4e15f28c6f3af8023fd505e52d98779b27dde909611c153d57dbdf0c62b18b50bac81e461e48af0072c17bf2ba6f132807628624904a563876d2a7
-
SSDEEP
1536:nTutvgqCqKJq2XX4/Ct1RJ3ruDlAgs5c04p4hoYH02WIhN6eHFzWYpOecm7:SgqCqeNoOKDq8pkRUgN6sF6eb
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2872 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2872 AcroRd32.exe 2872 AcroRd32.exe 2872 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\18e7f6108c33729fd541dbb74e0e8307_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2872
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e14805def8ae4f9299079b816ba6e150
SHA1486455afd927613381576bb813843162d4fee244
SHA256524807547bb5b16b4def7d98326712cdf3ad42fce93bf2597c7fd08f87fd9f06
SHA512fe14c11cc08c3573a3efaee0eb076987032e6c0f9e7eb113a6ae243d759105e4a0c1fcb54601bd393d8c9eeb0d17ab8aaaafdc939b5e85c053f86149724253ea